CVE-2017-9277

3 documents3 sources
Severity
7.5HIGH
EPSS
0.4%
top 40.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Novell Edirectory
Timeline
PublishedMar 2
Latest updateMay 13

Description

The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA.

CVSS vector

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 1.6 | Impact: 2.5

Affected Packages2 packages

CVEListV5novell/edirectoryunspecified9.0 SP4

🔴Vulnerability Details

2
GHSA
GHSA-c6x5-fqjq-v57c: The LDAP backend in Novell eDirectory before 92022-05-13
CVEList
existing connection is being used even though eDirectory LDAP server is upgraded to EBA2018-03-02
CVE-2017-9277 (HIGH CVSS 7.5) | The LDAP backend in Novell eDirecto | cvebase.io